Added Ubuntu support for ldap::auth.
This commit is contained in:
parent
4e2ae27047
commit
031eb802bd
1 changed files with 38 additions and 4 deletions
|
|
@ -14,9 +14,10 @@
|
||||||
#
|
#
|
||||||
class ldap::auth inherits ldap::client {
|
class ldap::auth inherits ldap::client {
|
||||||
|
|
||||||
|
$ldap_uri = inline_template('<%= ldap_server.join(" ") -%>')
|
||||||
|
|
||||||
case $operatingsystem {
|
case $operatingsystem {
|
||||||
CentOS: {
|
CentOS: {
|
||||||
$ldap_uri = inline_template('<%= ldap_server.join(" ") -%>')
|
|
||||||
package { "nss_ldap":
|
package { "nss_ldap":
|
||||||
ensure => installed,
|
ensure => installed,
|
||||||
}
|
}
|
||||||
|
|
@ -27,10 +28,43 @@ class ldap::auth inherits ldap::client {
|
||||||
File["/etc/openldap/ldap.conf"], ],
|
File["/etc/openldap/ldap.conf"], ],
|
||||||
require => Package["nss_ldap"],
|
require => Package["nss_ldap"],
|
||||||
}
|
}
|
||||||
augeas { "enable-ldap-ssl":
|
augeas { "pam-ldap-conf":
|
||||||
context => "/files/etc/ldap.conf",
|
context => "/files/etc/ldap.conf",
|
||||||
changes => "set ssl on",
|
changes => [ "set nss_paged_results yes",
|
||||||
onlyif => "get ssl != on",
|
"set pam_password exop",
|
||||||
|
"set ssl on", ],
|
||||||
|
onlyif => [ "get nss_paged_results != yes",
|
||||||
|
"get pam_password != exop",
|
||||||
|
"get ssl != on", ],
|
||||||
|
}
|
||||||
|
}
|
||||||
|
Ubuntu: {
|
||||||
|
package { "ldap-auth-client":
|
||||||
|
ensure => installed,
|
||||||
|
}
|
||||||
|
exec { "auth-client-config -t nss -p lac_ldap":
|
||||||
|
path => "/bin:/usr/bin:/sbin:/usr/sbin",
|
||||||
|
unless => "auth-client-config -t nss -p lac_ldap -s",
|
||||||
|
require => Package["ldap-auth-client"],
|
||||||
|
before => Augeas["pam-ldap-conf"],
|
||||||
|
notify => Exec["nssldap-update-ignoreusers"],
|
||||||
|
}
|
||||||
|
exec { "nssldap-update-ignoreusers":
|
||||||
|
path => "/bin:/usr/bin:/sbin:/usr/sbin",
|
||||||
|
refreshonly => true,
|
||||||
|
}
|
||||||
|
augeas { "pam-ldap-conf":
|
||||||
|
context => "/files/etc/ldap.conf",
|
||||||
|
changes => [ "set uri '${ldap_uri}'",
|
||||||
|
"set base ${ldap_basedn}",
|
||||||
|
"set nss_paged_results yes",
|
||||||
|
"set pam_password exop",
|
||||||
|
"set ssl on", ],
|
||||||
|
onlyif => [ "get uri != '${ldap_uri}'",
|
||||||
|
"get base != ${ldap_basedn}",
|
||||||
|
"get nss_paged_results != yes",
|
||||||
|
"get pam_password != exop",
|
||||||
|
"get ssl != on", ],
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
OpenBSD: {
|
OpenBSD: {
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue